WO1998049623A1 - Memory access protection - Google Patents

Publication number
WO1998049623A1
Authority
WO
WIPO (PCT)
Prior art keywords
address
region
logical
memory
data processing
Application number
PCT/GB1998/000344
Other languages
English (en)
Inventor
Simon Anthony Segars
Original Assignee
Arm Limited
Application filed by Arm Limited
Priority to KR1019997009985A (patent KR100563222B1)
Priority to IL13241898A (patent IL132418A)
Priority to EP98902139A (patent EP0979456B1)
Priority to JP54669198A (patent JP3710490B2)
Priority to DE69823180T (patent DE69823180T2)
Publication of WO1998049623A1

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00: Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14: Protection against unauthorised use of memory or access to memory
    • G06F12/1416: Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights
    • G06F12/1425: Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being physical, e.g. cell, word, block
    • G06F12/1441: Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being physical, e.g. cell, word, block for a range

Definitions

  • the present invention relates to a data processing apparatus and method for accessing a memory having a plurality of memory locations for storing data values, and in particular to such a data processing apparatus and method that protects memory accesses.
  • the term 'data value' is used herein to refer to both instructions and to items or blocks of data, such as data words.
  • Description of the Prior Art
  • It is known to segment memory into a number of separate logical regions, and to specify protection attributes for each of the regions, such as whether the regions are accessible in supervisor mode only, whether the regions are cacheable, bufferable in a cache based system, etc, to control access to those memory regions.
  • the protection attributes for that region can be used to determine whether the processor, in its current mode of operation, is entitled to access that memory address, and to determine whether data values retrieved from that memory region are cacheable, whether data values to be written to that memory region are bufferable, etc.
  • such protection mechanisms are used in virtual memory systems in association with virtual to physical address translation.
  • the logical regions may typically be of a fixed size, such as 4kb regions, although some techniques may improve flexibility somewhat by providing a few different sized regions, such as 1kb, 2kb and 4kb regions.
  • regions may be constrained to vary by powers of two, since the hardware necessary to compare addresses to determine the logical regions containing those addresses can be less complex if the regions are constrained to sizes that vary by power of two.
  • the present invention provides a data processing apparatus for controlling access to a memory having a plurality of memory locations for storing data values, each memory location having a corresponding address
  • the apparatus comprising: address range storage for storing information identifying address ranges for a plurality of logical regions within said memory; attribute storage for storing, for each logical region, attributes used to control access to memory locations within said logical region; address comparator logic for comparing an address issued by a processor corresponding to one of said memory locations with the address ranges for said plurality of logical regions, and, if one or more of the logical regions contain said address, for generating a signal indicating those logical regions containing said address; and attribute determination logic, responsive to the signal generated by the address comparator logic, for applying predetermined priority criteria to determine which logical region containing said address has the highest priority, whereby the attributes in the attribute storage corresponding to that highest priority region are used for controlling access to the memory location specified by the address.
  • overlapping logical regions may be defined, and relative priorities assigned to each logical region. If the processor specifies an address which falls within two or more logical regions, then the priority criteria are used to determine which logical region has the highest priority. Each logical region will have a number of attributes specified for that region which are used to control the access to the memory locations within that logical region. Based on the determination of which region has the highest priority, the attributes for that highest priority region are then used to control the access to the specific memory location specified by the processor.
  • one of said logical regions may be used as a background region covering the entire memory and having the lowest priority of said logical regions, whereby if the address issued by the processor corresponds to a memory location that is not within any of the other logical regions, then the attributes associated with the background region are used to control access to the memory location specified by that address.
  • the memory regions defined do not completely fill the address space of the memory, and hence there will be "holes" in the address map.
  • the lowest priority region to cover the entire memory address range, and specifying appropriate attributes for that logical memory region, then it is possible to define what happens if an access is made to a hole (for example the attributes could be set to full access or no access).
  • a background region may not be defined, and separate arrangements would then need to be made within the system to determine what happens when access to a hole is attempted, eg. any access to a hole may result in an abort, or, if appropriate, any accesses to holes could be ignored.
  • Another alternative approach is to hardwire the lowest priority region to cover the total address space, and to not include that lowest priority region in the comparison process, such that if the address comparator logic generates a signal indicating that none of the logical regions contains said address, then the attribute determination logic is arranged to indicate that the attributes associated with the lowest priority region should be used.
  • This approach can improve efficiency, since there is no need for the address comparator logic to compare the address with the address range for the lowest priority region, the attributes for this lowest priority region being used as a direct consequence of the address comparator logic determining that none of the other logical regions contain said address.
  • the address ranges for the logical regions are specified by a base address identifying which memory location the region starts at, and a size attribute identifying the size of the logical region.
  • the base address is determined as a function of the size attribute, such that a memory region of size X must have a base address which is a multiple of the value X. This approach serves to simplify the hardware requirements.
  • the base address and size attribute will typically be user programmable.
  • the address ranges for the logical regions may be specified by a start address and an end address identifying the start and end of the logical region.
  • the address comparator logic may be arranged in any suitable manner.
  • the address comparator logic comprises a number of comparators, one for each address range.
  • the address range storage may be provided by any suitable storage device.
  • the address range storage comprises a number of registers.
  • separate registers are associated with each comparator of the address comparator logic.
  • the attribute storage may take any appropriate form.
  • said attribute storage comprises a plurality of attribute registers connected to a multiplexer, each register containing the attributes for a logical region, the attribute determination logic outputting a signal to the multiplexer to cause the multiplexer to output the attributes from the attribute register corresponding to the highest priority region containing said address.
  • said address comparator logic has a plurality of outputs, one output being provided for each logical region, and a signal being generated on said outputs to indicate whether the corresponding logical region contains said address, said attribute determination logic having a corresponding plurality of inputs for receiving the signals from said plurality of outputs, and the plurality of inputs having relative priorities used by the attribute determination logic to apply the predetermined priority criteria.
  • said predetermined priority criteria may be stored as priority information in a storage accessible by the attribute determination logic, the priority information specifying the relative priorities of said logical regions.
  • the data processing apparatus further comprises a processor core for issuing addresses corresponding to memory locations within said memory where data values required by the processor are stored, or data values processed by the processor core are to be stored.
  • the data processing circuit may comprise a cache for storing data values accessible by the processor core.
  • a single cache may be provided for storing both instructions and data, such a cache often being referred to as having a Von Neumann cache architecture.
  • a first cache may be provided for storing instructions and a second cache may be provided for storing data, such a cache often being referred to as having a Harvard architecture, said address comparator logic and said attribute determination logic being replicated for each of said first and said second caches.
  • the elements of the data processing circuit required to determine the attributes used to control access to memory are preferably replicated for each cache.
  • the determination of the attributes for the highest priority region preferably occurs whilst a cache look up is taking place.
  • a look up operation in the data cache may occur whilst a look up operation is also taking place in the instruction cache, and hence two sets of circuitry are required to determine the attributes to be used to access the memory addresses corresponding to the lookup operations in both the instruction and the data cache.
  • the present invention provides a method of operating a data processing apparatus to control access to a memory having a plurality of memory locations for storing data values, each memory location having a corresponding address, the method comprising the steps of: (a) storing information identifying address ranges for a plurality of logical regions within said memory; (b) storing, for each logical region, attributes used to control access to memory locations within said logical region; (c) comparing an address issued by a processor corresponding to one of said memory locations with the address ranges for said plurality of logical regions; (d) if one or more of the logical regions contains said address, generating a signal indicating those logical regions containing said address;
  • step (e) responsive to the signal generated at said step (d), applying predetermined priority criteria to determine which logical region containing said address has the highest priority; and (f) outputting the stored attributes corresponding to that highest priority region for use in controlling access to the memory location specified by the address.
  • Figure 1 is a block diagram illustrating a data processing apparatus in accordance with the preferred embodiment of the present invention
  • Figure 2 is a table illustrating how different sized logical regions within memory may be specified by a size field of five bits in accordance with preferred embodiments of the present invention
  • Figure 3 is a flow diagram illustrating the processing steps performed in accordance with preferred embodiments of the present invention in order to determine the attributes to be used to control access to a memory
  • FIGS. 4A and 4B illustrate embodiments of the present invention in which separate data and instruction caches are used.
  • Description of a Preferred Embodiment
  • the data processing circuit has a processor core 10 arranged to process instructions received from memory 120. Data required by the processor core 10 for performing those instructions may also be retrieved from memory 120.
  • a cache 30 is provided for storing data and instructions retrieved from the memory 120 so that it is subsequently readily accessible by the processor core 10.
  • the cache control unit 40 is also provided to control the storage of instructions and data in the cache 30, and to control the retrieval of the data and instructions from the cache.
  • a plurality of logical regions may be defined within the memory 120, each logical region having an independently programmable size.
  • a memory 120 having 4GB of address space will be considered, and it will be assumed that 8 logical regions may be defined within the memory address space.
  • the actual size of the memory, and the number of logical regions definable may be varied as necessary to meet particular requirements of the data processing circuit.
  • Each logical region is preferably defined by a base address which specifies where the region starts in memory, and a size field defining the size of that logical region.
  • a limitation is imposed that the base address must correspond to a "size" boundary.
  • a logical region having a size of 1MB would be arranged to start at a base address corresponding to a 1MB boundary within the memory. It will be appreciated by those skilled in the art that this limitation imposed on the base address in preferred embodiments is not essential, and that by providing more complex hardware within the protection unit, it would be possible to allow the base address to start at a memory location other than a size boundary.
  • the size of a logical region may be chosen within the range of 4KB to 4GB. However, it will be appreciated that this choice of range may be altered as desired.
  • Figure 2 illustrates a table showing how a size register having a 5 bit field may be programmed for different memory sizes. In the example illustrated in Figure 2, the size may vary by powers of two. However, it will be appreciated by those skilled in the art that there is no requirement for the size to be restricted to vary by powers of two, and by providing a size register having a larger number of bits, it is possible to provide additional flexibility in the programming of the size of each region.
  • start and end registers may also be used to define the logical regions. In such cases, information corresponding to the actual addresses of the start and end of each logical region would be stored in registers, rather than the base address and the size of the region.
  • the user is able to program overlapping logical regions in memory.
  • each logical region will have independent attributes, such as protection, cacheable and bufferable attributes, associated therewith. Given the possibility of overlapping logical regions, it is clearly important that any access to memory is handled in a predictable manner. In preferred embodiments, this is achieved by using the protection unit 20 illustrated in Figure 1, and the operation of this protection unit will now be discussed in more detail.
  • When the processor core 10 requires an instruction or an item of data (hereafter instructions or data will both be referred to as data values), it places the memory address of that data value on bus line 54 of processor bus 50. Further, the processor core 10 issues a processor control signal on bus line 52.
  • the processor control signal includes information such as whether the address corresponds to a read or a write request, the type of access (eg. sequential), the size of the access (eg. word, byte), the operating mode of the processor (eg. supervisor or user), etc.
  • This processor control signal is received by the cache control unit 40 and prompts the cache control unit to determine whether the required data value is stored within the cache 30.
  • the cache control unit 40 instructs the cache 30 to compare the address on bus line 54 with the addresses in the cache to determine whether the data value corresponding to that address is stored within the cache. If so, the data value is output from the cache 30 onto the data bus line 56 where it is then read by the processor core 10. If the data value corresponding to the address is not within the cache 30, then the cache control unit 40 passes a signal over line 130 to the bus interface unit 95 to indicate that the data value needs to be retrieved from memory 120.
  • the protection controller 150 within protection unit 20 also receives the processor control signal on bus line 52, and upon determining that the processor control signal relates to a potential read or write access to memory 120 or cache 30, instructs the address comparators 70 to examine the address placed by the processor core 10 on bus line 54.
  • there is one address comparator for each logical region and each of the comparators has an associated register containing the address range for a particular logical region.
  • Each comparator is arranged to compare that address range with the particular address on bus line 54 to determine whether the address is contained within the corresponding logical region. Whenever a comparator determines that the address lies within the address range of a logical region, it outputs a hit signal to the priority encoder 75 over a corresponding line 160.
  • the priority encoder 75 receives the signals output by all of the comparators 70. If the priority encoder receives one hit signal, then this indicates that the address only lies within one logical region. In that case, the priority encoder 75 sends a signal to the multiplexer 80 instructing the multiplexer 80 to select from the attribute registers 85 the attributes corresponding to that logical region. These attributes are then used to control access to the memory 120 or use of the data values retrieved from the cache 30. In preferred embodiments, there will always be at least one hit signal generated, since one of the logical regions will be a background region covering the entire address space of memory 120. However, it is not essential that a background region is defined, and hence, in alternative embodiments, it is possible that no hit signals may be generated by the address comparators 70.
  • the priority encoder 75 will be arranged to produce a signal indicating that no hits have been detected, and this signal will be output from the priority encoder 75 to the logic 90. How the data processing circuit reacts to this case would depend on how the logic 90 is arranged. For example, the logic may be arranged such that any attempt to access an address not contained within any of the logical regions will result in an abort signal being returned to the processor core 10 over line 140.
  • the priority encoder 75 is arranged to apply priority criteria in order to determine the relative priorities of each of the defined logical regions.
  • Priority information relating to each logical region may be stored within the protection unit 20, and, for each logical region for which the address comparators have generated a hit signal, the priority encoder may be arranged to use the corresponding priority information to determine which logical region has the highest priority.
  • the relative priorities of the logical regions are determined by the arrangement of the inputs to the priority encoder 75.
  • the priority encoder is then arranged to apply conditional logic, determining first whether a hit signal has been received at input number 7 corresponding to logical region 7. If so, then a signal is output from the priority encoder 75 to the multiplexer 80 indicating that the attributes for logical region 7 should be output from the attribute registers 85. If no hit signal has been received at the input corresponding to logical region 7, then the priority encoder 75 determines whether a hit signal has been received at input number 6 corresponding to logical region 6. If so, then a signal is output from the priority encoder 75 to the multiplexer 80 indicating that the attributes for logical region 6 should be output from the attribute registers 85.
  • the processing performed by the priority encoder 75 will result in a signal being sent to multiplexer 80 instructing the multiplexer to retrieve from the attribute registers 85 the attributes corresponding to the highest priority region containing the address issued by the processor core 10.
  • the attributes output by the multiplexer 80 are then passed to logic unit 90 and to the Bus Interface Unit 95.
  • the logic unit 90 also receives the processor control signal from bus line 52. This processor control signal defines, amongst other things, the mode of operation of the processor core 10.
  • logic 90 can use this information to determine whether the attributes output by the multiplexer 80 allow the processor core 10 in its current mode of operation to have access to the memory address requested. For example, if the logic unit 90 determines that the processor core 10 is in a user mode, and the attributes output by multiplexer 80 indicate that the memory address can only be accessed in supervisor mode, then logic 90 can be arranged to produce an abort signal on path 140 to the processor core 10 and on path 170 to the Bus Interface Unit 95.
  • the processing performed by the protection unit 20 preferably happens at the same time as the cache look up process so as to maintain sufficient processing speed. If the data value requested is available in the cache 30, and the logic unit 90 does not produce an abort signal on line 140, then the processor core 10 will use the data retrieved from cache 30. However, if the data value requested is not available in cache, then, as discussed earlier, a signal will be sent over path 130 instructing the Bus Interface Unit (BIU) 95 to access the memory 120 for the data value.
  • the BIU 95 will examine the processor control signal on bus line 52 to determine whether the instruction issued by the processor core 10 is a read or a write instruction. Assuming it is a read instruction, and that no abort signal is received over path 170 from the logic 90, then the BIU 95 will instruct the multiplexer 100 to pass the address from bus line 54 on to the external address bus line 64 of bus 60 (this is assuming that no write instructions to memory 120 are pending in the write buffer 105; if there are any such pending write instructions, these will be completed prior to the read instruction. The action of the write buffer is discussed in more detail later).
  • a control signal will also be placed on bus line 62 which is used by memory controller 180 to control access to the memory 120. The memory controller 180 will determine from the control signal on bus line 62 that a memory read is required, and will instruct the memory to output on the data bus line 66 the data at the address indicated on address bus line 64.
  • the BIU 95 will send a signal to buffer 110 to cause the buffer 110 to pass the data placed by the memory 120 on external bus line 66 to the processor bus line 56. Additionally, if the attributes received by the BIU 95 from the multiplexer 80 of the protection unit 20 indicate that the address contains a cacheable data value, then the BIU 95 will send a signal over path 135 to the cache control 40 to instruct the cache control to store the retrieved data value in cache 30. The data value retrieved from the memory 120 and placed on bus line 56 will then be stored in the cache 30 and also passed to the processor core 10. Subsequently, that data value can readily be accessed by the processor core 10 directly from the cache. If the attributes received by the BIU 95 indicate that the data value is not cacheable, then the data will not be stored in cache, and the processor core 10 will read the data value from bus line 56.
  • the above description has illustrated how the protection unit 20 is used to control access to the memory 120 for the purposes of reading data values from the memory 120.
  • If the address issued by the processor core 10 is an address to which the processor wishes to write a data value, then the following procedure takes place.
  • the processor core will place a processor control signal on bus line 52, an address on bus line 54, and the data value to be stored on bus line 56.
  • the protection controller 150 within protection unit 20 will examine the processor control signal on bus line 52, and upon determining that the processor control signal relates to a write access to memory 120, will instruct the address comparators 70 to examine the address placed by the processor core 10 on bus line 54.
  • the protection unit will then perform the same procedure described earlier with reference to a read instruction in order to determine the highest priority logical region containing that address. This will result in the attributes corresponding to that region being output to the BIU 95 and to the logic 90.
  • the BIU 95 will examine the processor control signal on bus line 52 to determine whether the instruction issued by the processor core 10 is a read or a write instruction.
  • the BIU will determine that a write procedure needs to be employed, and will use the attribute information received from the protection unit 20 to control that write procedure.
  • the logic unit 90 will have determined from the attributes output by multiplexer 80 and from the processor control signal whether the processor core is able to write to the particular address in its current mode of operation, and if not, will have issued an abort signal. Any abort signal will be sent to the BIU 95 over path 170 to instruct it to disregard the write instruction, and will also be sent to the processor core 10 over path 140 to cause the data, address and control information to be removed from bus lines 56, 54 and 52, respectively, and to enable the processor core 10 to execute any exception procedure required in the event of such an abort.
  • the BIU 95 will use the attribute information from multiplexer 80 to determine whether the data to be written is bufferable or not. If the data is bufferable, then the BIU 95 will instruct the write buffer 105 to retrieve the data, address and control signals from bus 50. Once this has been done, the next instruction can be processed by the processor core 10 without waiting for the write instruction to have been completed.
  • the write buffer is preferably a FIFO buffer. When the external bus 60 is free, the BIU 95 instructs the multiplexer 100 to output the next item from the write buffer onto the external bus 60.
  • the multiplexer 100 will then output the necessary control, address and data signals on bus lines 62, 64 and 66 respectively, the memory controller 180 using the control signal to control the write access to memory 120. At this point, the data will be stored in the memory 120. As the data to be stored is sequentially processed from the write buffer 105, then at some point the data corresponding to the address issued by the processor on bus line 54 will be stored in the memory 120.
  • If the Bus Interface Unit 95 determines that the address to which the data is to be stored is not bufferable, then the Bus Interface Unit 95 will instruct the multiplexer 100 to select the processor control, address and data information from bus lines 52, 54 and 56 directly. The multiplexer 100 will then output this information onto the external bus 60 so as to cause the data to be stored at the corresponding address in memory 120.
  • the write buffer 105 would typically be drained of any entries within it, so as to ensure that the write instructions are processed in the correct order. Once the non bufferable data corresponding to the current write instruction has been stored, the next instruction can then be processed.
  • the protection unit 20 waits for an address to be placed by the processor core 10 on the address bus line 54.
  • the protection controller 150 within the protection unit 20 is responsive to a control signal on the PC bus 52 to instruct the address comparators 70 to examine the address placed by the processor core 10 on bus line 54.
  • Each address comparator has an associated address register containing the address range for the corresponding logical region. The address received from the address line 54 is compared with the address range in the associated register at step 310, and, if the address lies within that address range, a "hit" signal is output by that address comparator on a corresponding wire 160 at step 320.
  • priority criteria are applied to determine the logical region containing the address that has the highest priority. As mentioned earlier, in preferred embodiments this is performed by arranging the priority encoder to apply conditional logic, determining first whether a hit signal has been received at the input corresponding to the highest priority region. If not, then the input corresponding to the next highest priority region is checked, and so on, until a hit signal is identified. Since the priority encoder 75 logically checks the inputs in order of decreasing priority, the first hit signal identified will correspond to the highest priority logical region containing the address issued by the processor core 10. It will be appreciated that this process need not be performed sequentially one input at a time, and in preferred embodiments suitable logic would be provided to receive all of the eight inputs together and to generate an output which identifies the highest priority region.
  • It is not necessary for a background logical region to be defined, and hence it is possible that there may be no hit signals produced, indicating that the address issued by the processor core 10 corresponds to a "hole" in memory 120.
  • the system will typically be hardwired to define how accesses to holes are handled; for example, it may be arranged that any access to a hole will result in an abort signal being generated by logic 90. If, on the other hand, a logical background region is defined, then there is no need to rely on this, since the attributes corresponding to that background region will be used to control the access.
  • this background region may be hardwired to cover the total address space. Then, this lowest priority region can be excluded from the comparison process performed by the address comparators 70, thereby resulting in one less comparator and one less wire 160 to the priority encoder 75. If no hit signals are generated by the address comparators 70, thereby indicating that none of the other logical regions contain said address, then the priority encoder 75 may be arranged to send a signal to the multiplexer 80 to instruct it to select the attributes associated with the lowest priority region.
  • the priority encoder 75 Once the priority encoder 75 has determined which logical region containing the address has the highest priority, then it outputs a signal to the multiplexer 80 to instruct the multiplexer to select, at step 340, the attributes from the attribute register 85 containing the attributes for that logical region. Once the attributes have been selected by the multiplexer 80, those attributes are output at step 350 for use in controlling memory or cache access.
  • a final check is performed by logic unit 90 to determine whether the attributes output at step 350 indicate that the processor core 10 in its current mode of operation should not have access to the memory address within the logical region defined by those attributes. For example, if the processor core 10 is operating in a user mode, and one of the attributes output at step 370 indicates that the address is only accessible in supervisor mode, logic unit 90 will issue an abort signal over path 140 to the processor core 10 to indicate that the processor core 10 cannot access that memory region, and will also send the abort signal to BIU 95 over path 170.
  • the above description has discussed a data processing apparatus in which a plurality of logical memory regions of variable size may be defined, and in which those logical memory regions may be overlapped in order to improve the flexibility of the apparatus.
  • the cache 30 may be used to store both instructions and data as illustrated in Figure 1, or, alternatively, one cache may be provided for storing instructions, and a separate cache provided for storing data. In this latter case, two protection units 20 would preferably be used, one for instructions and one for data. Two ways in which this could be implemented are illustrated in Figures 4 A and 4B. In Figure 4A, instruction cache 430 and data cache 440 are simultaneously accessible by the processor core 10.
  • protection unit 400 When an instruction address is used for a cache lookup in instruction cache 430, that address is also applied to protection unit 400 to determine the attributes that should be used to control access to memory if required. Similarly, when a data address is used for a cache lookup in data cache 440, that address is also applied to protection unit 410 to determine the attributes that should be used to control access to memory if required.
  • the protection units 400 and 410 are preferably the same as protection unit 20 illustrated in Figure 1 , with the exception that the attribute registers and the registers defining the logical regions are now provided by one set of registers 420. Hence, in Figure 4A, the same logical regions and attributes are used for both data and instruction accesses to memory.
  • an alternative approach illustrated in Figure 4B is for the protection units 400 and 410 to have separate registers 450 and 460, respectively, thereby allowing different sized logical regions having different attributes to be specified for data and instruction accesses. This provides more flexibility, since, for example, there may be a requirement for different sized data regions to instruction regions.
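The lookup described above (comparators, priority encoder, hole handling, attribute selection and the final mode check) can be modelled in software. The following C model is an added example, not code from the patent or from ARM; the struct layout, the inclusive base/limit encoding, the rule that a higher region index means higher priority, and the sample address maps are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define NUM_REGIONS 8   /* eight comparator inputs, as in the description */

enum mode   { MODE_USER, MODE_SUPERVISOR };
enum result { ACCESS_OK, ACCESS_ABORT };

struct region {             /* address-range register plus attribute register */
    bool     enabled;
    uint32_t base, limit;   /* assumed encoding: inclusive [base, limit] */
    bool     supervisor_only;
};

/* Address comparators 70: one hit bit (wire 160) per region containing addr. */
static uint8_t compare_all(const struct region *r, uint32_t addr)
{
    uint8_t hits = 0;
    for (int i = 0; i < NUM_REGIONS; i++)
        if (r[i].enabled && addr >= r[i].base && addr <= r[i].limit)
            hits |= (uint8_t)(1u << i);
    return hits;
}

/* Priority encoder 75: index of the highest-priority hit, or -1 for a hole.
 * Assumption: a higher region index means a higher priority. */
static int select_region(const struct region *r, uint32_t addr)
{
    uint8_t hits = compare_all(r, addr);
    for (int i = NUM_REGIONS - 1; i >= 0; i--)
        if (hits & (1u << i))
            return i;
    return -1;
}

/* Multiplexer 80 and logic 90: pick the winning attributes, then check mode. */
static enum result check_access(const struct region *r, uint32_t addr,
                                enum mode m)
{
    int sel = select_region(r, addr);
    if (sel < 0)
        return ACCESS_ABORT;            /* hole: modelled as a hardwired abort */
    if (r[sel].supervisor_only && m == MODE_USER)
        return ACCESS_ABORT;            /* user access to supervisor-only region */
    return ACCESS_OK;
}

/* Constructed map: background region, user RAM, and a supervisor-only
 * carve-out that overlaps the user RAM and outranks it. */
static const struct region with_background[NUM_REGIONS] = {
    [0] = { true, 0x00000000u, 0xFFFFFFFFu, true  },
    [1] = { true, 0x20000000u, 0x2000FFFFu, false },
    [2] = { true, 0x20008000u, 0x20008FFFu, true  },
};

/* Same map without the background region, so unmapped addresses are holes. */
static const struct region no_background[NUM_REGIONS] = {
    [1] = { true, 0x20000000u, 0x2000FFFFu, false },
    [2] = { true, 0x20008000u, 0x20008FFFu, true  },
};

int main(void)
{
    const uint32_t probes[] = { 0x20000100u, 0x20008010u, 0x40000000u };
    for (size_t i = 0; i < sizeof probes / sizeof probes[0]; i++)
        printf("0x%08X: region %d (with background), %d (without), user %s\n",
               (unsigned)probes[i],
               select_region(with_background, probes[i]),
               select_region(no_background, probes[i]),
               check_access(with_background, probes[i], MODE_USER) == ACCESS_OK
                   ? "ok" : "abort");
    return 0;
}
```

Swapping the indices of regions 1 and 2 in this model would let the user-RAM attributes win over the carve-out, which is the ordering mistake to look for when reviewing an overlapping region table.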

Abstract

The invention relates to a data processing apparatus for controlling access to a memory having a plurality of locations for storing data values, an address being assigned to each of these memory locations. The apparatus comprises address range storage containing information identifying the address ranges of a plurality of logical regions within that memory, and attribute storage containing, for each logical region, the attributes used to control access to the locations within that logical region. In preferred embodiments, one or more of these logical regions may overlap. In addition, address comparison logic compares an address issued by a processor, corresponding to one of the memory locations, with the address ranges of the logical regions; if one or more logical regions contain that address, this logic generates a signal indicating the logical regions containing the address. Attribute determination logic, responsive to the signal generated by the address comparison logic, then applies predefined priority criteria to determine which logical region containing that address has priority, the attributes in the attribute storage corresponding to that highest priority region being used to control access to the memory location indicated by the address. According to the present invention, overlapping logical regions can be defined and relative priorities assigned to each logical region. If the processor issues an address lying within two or more logical regions, the priority criteria are used to determine which logical region has priority. Each logical region will have a number of attributes used to control access to the memory locations in that logical region. Depending on the determination of the highest priority region, the attributes for that region will be used to control access to the specific memory location indicated by the processor.
PCT/GB1998/000344 1997-04-30 1998-02-03 Memory access protection WO1998049623A1 (fr)

Priority Applications (5)

Application Number Priority Date Filing Date Title
KR1019997009985A KR100563222B1 (ko) 1997-04-30 1998-02-03 Memory access protection
IL13241898A IL132418A (en) 1997-04-30 1998-02-03 Data processing apparatus and method for controlling access to a memory having a plurality of memory locations for storing data
EP98902139A EP0979456B1 (fr) 1997-04-30 1998-02-03 Memory access protection
JP54669198A JP3710490B2 (ja) 1997-04-30 1998-02-03 Memory access protection device
DE69823180T DE69823180T2 (de) 1997-04-30 1998-02-03 Memory access protection

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB9708822.3 1997-04-30
GB9708822A GB2325061B (en) 1997-04-30 1997-04-30 Memory access protection

Publications (1)

Publication Number Publication Date
WO1998049623A1 true WO1998049623A1 (fr) 1998-11-05

Family

ID=10811626

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/GB1998/000344 WO1998049623A1 (fr) 1997-04-30 1998-02-03 Memory access protection

Country Status (12)

Country Link
US (1) US6021476A (fr)
EP (1) EP0979456B1 (fr)
JP (1) JP3710490B2 (fr)
KR (1) KR100563222B1 (fr)
CN (1) CN1118027C (fr)
DE (1) DE69823180T2 (fr)
GB (1) GB2325061B (fr)
IL (1) IL132418A (fr)
MY (1) MY114810A (fr)
RU (1) RU2215321C2 (fr)
TW (1) TW376475B (fr)
WO (1) WO1998049623A1 (fr)

Also Published As

Publication number Publication date
JP3710490B2 (ja) 2005-10-26
GB2325061A (en) 1998-11-11
IL132418A0 (en) 2001-03-19
TW376475B (en) 1999-12-11
JP2001522492A (ja) 2001-11-13
CN1254424A (zh) 2000-05-24
KR20010012133A (ko) 2001-02-15
KR100563222B1 (ko) 2006-03-22
RU2215321C2 (ru) 2003-10-27
MY114810A (en) 2003-01-31
CN1118027C (zh) 2003-08-13
US6021476A (en) 2000-02-01
GB2325061B (en) 2001-06-06
DE69823180D1 (de) 2004-05-19
DE69823180T2 (de) 2004-11-11
EP0979456A1 (fr) 2000-02-16
IL132418A (en) 2003-11-23
GB9708822D0 (en) 1997-06-25
EP0979456B1 (fr) 2004-04-14

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase. Ref document number: 132418; Country of ref document: IL; Ref document number: 98804655.5; Country of ref document: CN
AK Designated states. Kind code of ref document: A1; Designated state(s): CN IL JP KR RU
AL Designated countries for regional patents. Kind code of ref document: A1; Designated state(s): AT BE CH DE DK ES FI FR GB GR IE IT LU MC NL PT SE
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase. Ref document number: 1998902139; Country of ref document: EP
WWE Wipo information: entry into national phase. Ref document number: 1019997009985; Country of ref document: KR
ENP Entry into the national phase. Ref document number: 1998 546691; Country of ref document: JP; Kind code of ref document: A
WWP Wipo information: published in national office. Ref document number: 1998902139; Country of ref document: EP
WWP Wipo information: published in national office. Ref document number: 1019997009985; Country of ref document: KR
WWG Wipo information: grant in national office. Ref document number: 1998902139; Country of ref document: EP
WWG Wipo information: grant in national office. Ref document number: 1019997009985; Country of ref document: KR